Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2014-2388 | First vendor Publication | 2014-08-18 |
| Vendor | Cve | Last vendor Modification | 2018-10-09 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:A/AC:L/Au:N/C:C/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 6.1 | Attack Range | Adjacent network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 6.5 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-dependent attackers to read arbitrary files via (1) a session over a Wi-Fi network or (2) a session over a USB connection in Development Mode. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2388 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2014-08-21 | IAVM : 2014-B-0112 - BlackBerry 10 OS Authentication Bypass Vulnerability Severity : Category II - VMSKEY : V0053883 |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2020-05-23 01:51:40 |
|
| 2020-05-23 00:40:31 |
|
| 2018-10-10 00:19:48 |
|
| 2017-08-29 09:24:29 |
|
| 2017-01-07 09:25:28 |
|
| 2016-04-27 00:34:40 |
|
| 2015-10-18 17:22:30 |
|
| 2014-08-28 09:22:13 |
|
| 2014-08-19 00:22:34 |
|
| 2014-08-18 17:23:30 |
|
